Configure an HTTP trigger to invoke a function - Function Compute

Function Compute supports HTTP triggers. You can invoke functions that have HTTP triggers by sending HTTP requests. The function processes the request and returns the result to the caller. This topic describes how to configure an HTTP trigger in the Function Compute console and test it with an HTTP request.

Prerequisites

Create a function

Step 1: Create a trigger

Log on to the Function Compute console. In the left-side navigation pane, click Functions.
In the top navigation bar, select a region. On the Functions page, click the function that you want to manage.
On the function details page, click the Trigger tab and then click Create Trigger.

In the Create Trigger panel, configure the parameters and click OK.

Configuration Item	Operation	Example
Trigger Type	Select HTTP Trigger.	HTTP Trigger
Name	Enter a custom name for the trigger.	http-trigger
Version or Alias	The default value is LATEST. If you want to create a trigger for another version or alias, you must first select the version or alias from the Version or Alias drop-down list on the function details page. For more information about versions and aliases, see Version management and Alias management.	LATEST
Request Method	Specify the methods that can be used to trigger the HTTP trigger.	GET, POST, PUT, DELETE
Disable Internet URL	This feature is disabled by default. This means the trigger can be accessed from its public endpoint. If you enable this feature, a default public endpoint is not provided for the HTTP trigger. If you then try to invoke the function using the public endpoint, the error message `access denied due to function internet URL is disable` is returned. Access through a custom domain name is not affected.	No
Authentication Method	Select an authentication method for Function Compute to authenticate HTTP requests. The following values are available: No Authentication: HTTP requests do not need to be authenticated. Anonymous access is supported. Anyone can send an HTTP request to invoke your function. Signature Authentication: HTTP requests must be authenticated. For sample code about signature authentication, see Access an HTTP trigger endpoint with a signature. Bearer Authentication: HTTP requests must be authenticated. For sample code about Basic authentication, see Configure Basic authentication for an HTTP trigger. JWT Authentication: HTTP requests must be authenticated using JSON Web Token (JWT). For more information, see Configure JWT authentication for an HTTP trigger. Bearer Authentication: HTTP requests must be authenticated using Bearer authentication. For more information, see Enable Bearer authentication for an HTTP trigger.	No authentication

After the trigger is created, you can modify its configurations, such as Version or Alias, Request Method, and Authentication Method.

Step 2: Write and deploy code

After you create the HTTP trigger, write the function code.

On the function details page, click the Code tab. Write code in the code editor and then click Deploy. For sample code, see the handler documentation for different runtimes in the section of the Function Compute documentation.

Step 3: Test the function

Method 1: Use the console to test the function

On the Function Details page, click the Code tab.

Synchronous call
Click Test Function.
Asynchronous invocation
Click the icon to the right of Test Function, select Async Invocation, and then click Test Function.

After execution completes, view the result on the Code tab.

Method 2: Use cURL to test the function

On the function details page, click the Trigger tab. In the Configurations column of the target HTTP trigger, obtain the public endpoint.
Run a cURL command on the command line to test the function.
Synchronous call
The following is an example. Replace https://example.cn-shenzhen.fcapp.run with the public endpoint of the HTTP trigger that you obtained in the previous step. Replace $path with the name of the API operation that you want to call.
```
curl -v https://example.cn-shenzhen.fcapp.run/$path
```
Note
Invoke a web function: Take Flask as an example. To test a Python function whose route is defined as @app.route('/test'), replace $path with test. To test a Python function whose route is defined as @app.route('/'), directly call the public endpoint of the HTTP trigger.
Invoke an event function: Directly call the public endpoint of the HTTP trigger.
After execution completes, Function Compute returns the execution result of the code.
Asynchronous invocation
The following is an example. Replace https://example.cn-shenzhen.fcapp.run with the public endpoint of your HTTP trigger. Replace $path with the name of the API operation that you want to call.
```
curl -v -H "X-Fc-Invocation-Type: Async" https://example.cn-shenzhen.fcapp.run/$path
```
Note
Invoke a web function: Take Flask as an example. To test a Python function whose route is defined as @app.route('/test'), replace $path with test. To test a Python function whose route is defined as @app.route('/'), directly call the public endpoint of the HTTP trigger.
Invoke an event function: Directly call the public endpoint of the HTTP trigger.
After execution completes, Function Compute returns the result of receiving the request. A status code of 202 indicates that the request was successfully submitted, while other status codes indicate that an error occurred during invocation. For more information about the specific causes of error codes, see FAQ (Troubleshooting).

Method 3: (Not recommended) Use a browser to test the function

On the function details page, click the Trigger tab. In the Configurations column of the target HTTP trigger, obtain the public endpoint. Enter this endpoint in the address bar of your browser and press Enter.
After execution completes, the browser returns a file that contains the execution result.

(Optional) Use API Gateway to protect the function

Function Compute allows anonymous access to HTTP functions, which means that anyone can send HTTP requests to invoke your functions. To prevent resource waste and security risks caused by unauthorized access, enable identity authentication and connect your HTTP functions to API Gateway. You can use API Gateway’s IP-based access control plug-ins, JWT authentication plug-ins, or basic authentication plug-ins to protect your HTTP functions.

In the Function Compute console, find the target function. On the function details page, click the Trigger tab. In the Actions column of the target HTTP trigger, click Modify.
In the Edit Trigger pane, turn on the Disable Internet URL switch.
Log on to the API Gateway console and switch to the region where the HTTP function is located.
Create a group and an API.
Create an API to allow external applications to call the internal function service in a specified way. Use an API group to organize and manage multiple related API operations. This makes it easier to implement unified security policies and traffic shaping measures.
1. In the API Gateway console, choose Manage APIs > API Groups in the left navigation pane. Then, click Create Group.
2. In the Create Group dialog box, select an Instances:. Set Group Name to FC-Group and BasePath to /. Then, click Confirm.
3. In the Actions column of the target group, click Manage APIs. Then, click Create API. In the Basic Information section, configure the following parameters and click Next.
4. In the Define API Request section, set Request Path to /, keep the default values for other parameters, and click Next.
5. In the Define Backend Service section, set Trigger Path to the private endpoint of the Function Compute trigger, which is https://example.cn-hangzhou-vpc.fcapp.run. Configure the parameters as shown in the figure and click Next.
6. In the Define Response section, keep the default configurations and click Create. After the API is created, click Publish in the Actions column of the API.
Debug the API. Use the online debugging tool provided by API Gateway to test whether the API functions as expected before publishing it. This helps you identify and resolve issues promptly. If the debugging is successful, it indicates that the API Gateway API is connected to Function Compute.
1. In the API Gateway console, choose Call APIs > Debug in the left navigation pane.
2. On the Debug page, select the FC-test API that you created and click Send Request. If the information shown in the following figure is returned, the configuration is successful.
Create a plug-in of the Backend Signature type. Set key to your AccessKey ID and secret to your AccessKey secret. Then, bind the plug-in to the API that you created. For more information, see Plug-in overview.
Resolve your domain name to the second-level domain provided by API Gateway using a CNAME record.
1. In the API Gateway console, choose Manage APIs > API Groups in the left navigation pane. Copy the public second-level domain.
2. Go to your domain name resolution management page. For Alibaba Cloud, the domain name resolution management page is at https://dnsnext.console.alibabacloud.com. On the domain name list page, find the domain name you want to manage and click the link on the domain name to go to its management page.
  Note
  Independent domain names in the Chinese mainland must have an ICP filing from Alibaba Cloud or have their ICP filing transferred to Alibaba Cloud.
3. In the API Gateway console, choose Manage APIs > API Groups in the left navigation pane. Go to the Independent Domains section. At the bottom right of the page, find the button to bind a domain name. Click the button, enter your domain name, and click OK. The domain name is successfully bound.

After you complete these steps, you can access the HTTP function through your own domain name. You can also create and bind the following plug-ins to your API to protect your HTTP function.

Troubleshoot errors

Errors fall into two main categories.

Request errors occur when the sent request does not meet the required standards. A 4xx status code is returned in the response.
Function errors occur when there is a problem with the function code. A 5xx status code is returned.

The following table describes scenarios where request errors and function errors may occur to help you troubleshoot issues quickly.

Error Type	HTTP Status Code	Cause Analysis	Billed
Request error	400	Your request exceeds the request limits. For more information, see HTTP trigger overview.	No
	400	The request to invoke a function that requires authentication does not contain the Date or Authorization information.	No
	403	The signature of the request to invoke a function that requires authentication is incorrect. This means the Authorization is incorrect. Because the Date is used in the signature calculation and the signature is valid for only 15 minutes, the signature can expire. A common cause is that the Date sent in the request header for an HTTP trigger that requires authentication is more than 15 minutes from the current time, causing the signature to expire.	No
	403	Your request uses a request method that is not configured in the HTTP trigger. For example, the HTTP trigger is configured to only accept GET requests, but a POST request is sent.	No
	404	An HTTP request is sent to a function that does not have an HTTP trigger.	No
User throttling	429	You are being throttled. You can reduce the concurrency level or contact the Function Compute development team to increase your concurrency limit.	No
Function error	502	The return value of the function exceeds the response limits. For more information, see HTTP trigger overview.	Yes
	502	The function code has a syntax error or an exception.	Yes
	502	An HTTP request is sent to a function that does not use an HTTP handler.	Yes
System error	500	Function Compute encountered a system error. You can retry the operation.	No
System throttling	503	Function Compute system throttling errors. You can try again in exponential backoff mode.	No

If the issue persists, join the DingTalk group (ID: 64970014484) to contact Function Compute engineers for support..